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In the claims : 

Please substitute the following full listing of 
claims for the claims as originally filed or most 
recently amended, 

1. (Currently Amended) A method of operating a data 
processing system to control user access to a plurality 
of resources, said method including the steps of 

editing a list of resources, 

editing a list of access profiles, each said 
access profile in said list of access profiles 
containing a designation of at least one of said 
resources listed in said list of resources, and 

editing a list of users to add or delete, for a 
user of said list of users, an access profile 
designation for an access profile containing said 
designation of said at least one said resource, said 
list of users including, for each listed user, a 
security profile including a userlD by which the user 
can be authenticated for one or more access profiles^, 

wherein a level of said list of access profiles is 
loQically between levels of said list of users and said 
list of resources in an architecture comprising said 
list of users, said list of access profiles and said 
list of resources, respectively . 

2. (Original) A method as recited in claim 1, wherein 
all of said editing steps are performed under 
supervision of an administrator to the exclusion of 
users . 
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3. (Original) A method as recited in claim 1, 
including the further step of 

authorizing access of each user to selected 
resources included in said resource list in accordance 
with contents of profiles in said list of profiles 
which are associated with each user in said list of 
users . 

4. (Original) A method as recited in claim 3, wherein 
said authorizing step is performed upon detection of a 
said editing step. 

5. (Original) A method as recited in claim 4, wherein 
said detection is performed by comparison of said lists 
of users, profiles and resources with prior lists of 
users, profiles and resources. 

6. (Original) A method as recited in claim 3, 
including the further steps of 

authenticating a user in accordance with said 
user ID, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 

7. (Original) A method as recited in claim 4, 
including the further steps of 

authenticating a user in accordance with said 
user ID, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 
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8. (Original) A method as recited in claim 5, 
including the further steps of 

authenticating a user in accordance with said 
userlD, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 

9. (Original) A method as recited in claim 2, 
including the further step of 

authorizing access of each user to selected 
resources included in said resource list in accordance 
with contents of profiles in said list of profiles 
which are associated with each user in said list of 
users . 

10. (Original) A method as recited in claim 9, wherein 
said authorizing step is performed upon detection of an 
editing step. 

11. (Original) A method as recited in claim 10, wherein 
detection of an editing step is performed by comparison 
of said lists of users, profiles and resources with 
prior lists of users, profiles and resources. 

12. (Original) A method as recited in claim 9, 
including the further steps of 

authenticating a user in accordance with said 
userlD, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 
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13. (Original) A method as recited in claim 10, 
including the further steps of 

authenticating a user in accordance with said 
userlD, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 

14. (Original) A method as recited in claim 11, 
including the further steps of 

authenticating a user in accordance with said 
user ID, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 

15. (Original) A method as recited in claim 1, 
including the further step of 

deleting a resource from all profiles specifying a 
resource to be deleted from said resource list during 
said step of editing said list of resources. 

16. (Original) A method as recited in claim 1, 
including the further step of 

deleting a profile from all users in said list of 
users for which a profile to be deleted from said 
profile list is specified during said step of editing 
said list of profiles. 
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17. (Currently Amended) A data processing system 
having a plurality of available resources, said system 
including 

a server, 

means for controlling access to said resources, 
said means for controlling access to said resources 
including a list of said resources, a list of access 
profiles, each access profile in said list of access 
profiles corresponding to at least one said resource 
listed in said list of resources, and a list of users 
containing security profile information for 
authenticating a user and at least one access profile 
information associated with each said user, said at 
least one access profile corresponding to said at least 
one resource whereby said security profile 
authenticates a user to said at least one resource 
specified in a said access profile information in said 
security profile for said user, and 

means for providing communication between a user 
and said server^, 

wherein a level of said list of access profiles is 
logically between levels of said list of users and said 
list of resources in an architecture comprisincr said 
list of users, said list of access profiles and said 
list of resources, respectively . 

18. (Original) A system as recited in claim 17, further 
including 

means for editing any of said list of users, said 
list of profiles and said list of resources. 

19. (Original) A system as recited in claim 18, further 
including 

means for detecting editing of any of said list of 
users, said list of profiles and said list of 
resources . 
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20. (Original) A system as recited in claim 17, further 
including 

means for authorizing user access to selected ones 
of said resources in accordance with said profiles in 
said list of profiles and said users in said list of 
users . 

21. (Original) A system as recited in claim 19, further 
including 

means for authorizing user access to selected ones 
of said resources in accordance with said profiles in 
said list of profiles and said users in said list of 
users responsive to said means for detecting editing. 

22. (Original) A system as recited in claim 17, further 
including 

means for authenticating a user upon access by 
said user to said server. 

23. (Original) A system as recited in claim 22, further 
including 

means for directing a user authenticated by said 
means for authenticating a user to a resource to which 
access of that user has been authorized by said 
authori zing means . 

24. (Original) A system as recited in claim 23, wherein 
said means for directing is responsive to location or 
path data contained in said list of resources. 

25. (Original) A system as recited in claim 24, wherein 
said path or address data is a URL. 
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26. (Original) A system as recited in claim 17, further 
including 

means for deleting a resource from all profiles 
specifying a resource to be deleted from said resource 
list . 

27. (Original) A system as recited in claim 17, further 
including 

means for deleting a profile from all users in 
said list of users for which a profile to be deleted 
from said profile list is specified. 

28. (Currently Amended) A computer readable medium 
containing code for operating a data processing system 
to control user access to a plurality of resources, 
said code implementing the steps of 

editing a list of resources, 

editing a list of access profiles, each said 
access profile in said list of access profiles 
containing a designation of at least one of said 
resources listed in said list of resources, and 

editing a list of users to add or delete, for a 
user, an access profile designation of an access 
profile containing said designation of said at least 
one said resource, said list of users including, for 
each listed user, a security profile including a userlD 
by which the user can be authenticated for one or more 
access profiles^, 

wherein a level of said list of access profiles is 
logically between levels of said list of users and said 
list of resources in an architecture comprisinQ said 
list of users, said list of access profiles and said 
list of resources, respectively . 
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29. (Original) A computer readable medium as recited in 
claim 28, wherein said code requires all of said 
editing steps to be performed under supervision of an 
administrator to the exclusion of users. 

30. (Original) A computer readable medium as recited in 
claim 28, further including code for implementing a 
step of 

authorizing access of each user to selected 
resources included in said resource list in accordance 
with contents of profiles in said list of profiles 
which are associated with each user in said list of 
users . 

31. (Original) A computer readable medium as recited in 
claim 30, wherein a code section implementing said 
authorizing step is executed upon detection of a said 
editing step. 

32. (Original) A computer readable medium as recited in 
claim 31, wherein a code section performing said 
detection compares said lists of users, profiles and 
resources with prior lists of users, profiles and 
resources . 

33. (Original) A computer readable medium as recited in 
claim 30, further including code for implementing the 
steps of 

authenticating a user in accordance with said 
userlD, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 
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34. (Original) A computer readable medium as recited in 
claim 33, wherein said code implementing said detection 
of an editing step compares said lists of users, 
profiles and resources with prior lists of users, 
profiles and resources. 

35. (Original) A computer readable medium as recited in 
claim 34, further including code implementing the 
further steps of 

authenticating a user in accordance with said 
userlD, and 

providing access to a resource, authorized by said 
authorizing step, which is selected by said user 
authenticated in said authenticating step. 

36. (Original) A computer readable medium as recited in 
claim 28, further including code for implementing a 
step of 

deleting a resource from all profiles specifying a 
resource to be deleted from said resource list during 
said step of editing said list of resources. 

37. (Original) A computer readable medium as recited in 
claim 28, further including code for implementing a 
step of 

deleting a profile from all users in said list of 
users for which a profile to be deleted from said 
profile list is specified during said step of editing 
said list of profiles. 



